The OAmon.sys kernel driver 3.1.0.0 and previous versions in Tall Emu Online Armor Personal Firewall AV+ prior to 3.5.0.12, and Personal Firewall 3.5 prior to 3.5.0.14, allows local users to gain privileges via crafted METHOD_NEITHER IOCTL requests to \Device\OAmon containing arbitrary kernel addresses, as demonstrated using the 0x830020C3 IOCTL.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
tallemu personal firewall 3.5.0.2 |
||
tallemu personal firewall 3.5.0.3 |
||
tallemu personal firewall 3.5.0.10 |
||
tallemu personal firewall 3.5.0.11 |
||
tallemu personal firewall 3.5.0.6 |
||
tallemu personal firewall 3.5.0.7 |
||
tallemu online armor personal firewall av\\+ |
||
tallemu personal firewall |
||
tallemu personal firewall 3.5.0.4 |
||
tallemu personal firewall 3.5.0.5 |
||
tallemu personal firewall 3.5.0.12 |
||
tallemu online armor personal firewall av\\+ 3.5.0.9 |
||
tallemu online armor personal firewall av\\+ 3.5.0.6 |
||
tallemu personal firewall 3.5.0.1 |
||
tallemu personal firewall 3.5.0.8 |
||
tallemu personal firewall 3.5.0.9 |
Vulmon